RSS   Vulnerabilities for 'Yclas'   RSS

2021-08-18
 
CVE-2021-38710

CWE-79
 

 
Static (Persistent) XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITE_NAME parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top